Most Young Gig Economy Companies Way Behind On Protecting User Data: 2016 In Review

Most Young Gig Economy Companies Way Behind On Protecting User Data: 2016 In Review

"Sharing" or "gig economy" companies like Uber and Airbnb continued to grow in 2016, meaning their data protection and privacy practices came into sharp focus as millions of Americans turned to these young companies for everything from rides to the airport to renting an apartment instead of a hotel room.

Customers are entrusting these companies—including others like Lyft, TaskRabbit, and Instacart—with enormous amounts of sensitive information about their habits and lives. To access the services offered, or to offer services via company apps, individuals are disclosing data about where they live and shop, what they buy, where they sleep, and where they travel.

In 2016, we published our annual Who Has Your Back report, which took a close look at policies and practices of gig economy companies and found much to be desired. On the whole, gig economy companies haven’t caught up with the rest of the tech industry in safeguarding user data against unwarranted government access demands. When the government comes knocking, most gig economy companies—whether home rental services, car sharing, or on-demand labor—aren’t promising to stand by their users.

Half of the companies we reviewed didn’t require a warrant before turning over customer data to law enforcement. Most of the companies we reviewed haven’t issued transparency reports providing information about the number of government data requests they get. There were some exceptions. Uber and Lyft earned our highest marks for best practices in transparency over their handling of user data.

But in December, Uber made a change in its iPhone app that undermined user privacy. The company removed an option to limit location tracking of its customers to “While Using,” a privacy setting in the iOS that provides users control of when their information is shared with the app.When you need a ride and open the Uber app, you are asked for location data and given the option of providing this “Always” or “Never.” The company took away the option of providing location data only while using the app. Choosing “Always” enables Uber to track your location for five minutes after you leave the vehicle. Sorry, but that’s just creepy and unnecessary. We’ve asked Uber to restore the “While Using” choice.

Unfortunately the Uber location tracking change is part of a disturbing trend among software makers that we saw continue in 2016 to take away, or at least limit, the ability of users to opt out of functionality that automatically gobbles up your personal information—such as location data and browsing history.

Two other examples stand out in the past year. Microsoft has aggressively pushed its Windows 10 upgrade on customers, using tactics that went from annoying to downright malicious. If that’s not troubling enough, consumers who upgrade find that once installed, Windows 10 sends an unprecedented amount of usage data back to Microsoft, particularly if users opt in to “personalize” the software using the OS assistant called Cortana. Here’s a non-exhaustive list of data sent back: location data, text input, voice input, touch input, webpages you visit, and telemetry data regarding your general usage of your computer, including which programs you run and for how long. Unless you’re an enterprise user, no matter what, you have to share at least some of this telemetry data with Microsoft and there’s no way to opt-out of it.

The second example involves the note-taking app Evernote. The company adopted a new privacy policy in December that allows some employees to read user content for the sake of improving its machine learning technology. Want to avoid the company’s prying eyes? Apparently there’s no clear way to do so if you want to continue using the service.

As our review shows, it is incumbent upon users to be mindful of what and how much information they give up in order to participate in the digital marketplace and to vote with their feet to platforms that do a better job of protecting user privacy.

When social media platforms enforce their content moderation rules unfairly, it affects everyone’s ability to speak out online. Unfair and inconsistent online censorship magnifies existing power imbalances, giving people who already have the least power in society fewer places where they are allowed a voice online.President Donald Trump...

It has taken more than a year, but the California Attorney General’s Office has implemented steps to protect immigrants from U.S. Immigration and Customs Enforcement (ICE) and other agencies that abuse the state’s public safety network, the California Law Enforcement Telecommunications System (CLETS). Following calls for reform from EFF and...

Over the next few years, the Department of Homeland Security (DHS) plans to implement an enormous biometric collection program which will endanger the rights of citizens and foreigners alike. The agency intends to collect at least seven types of biometric identifiers, including face and voice data, DNA, scars, and tattoos...

BOSTON — The Electronic Frontier Foundation (EFF) and the ACLU today asked a federal court to rule without trial that the Department of Homeland Security violates the First and Fourth Amendments by searching travelers’ smartphones and laptops at airports and other U.S. ports of entry without a warrant.The request...

Update: the time for this hearing has changed. It now begins at 1:30pm. San Francisco – At 1:30 pm on Wednesday, May 1, the Electronic Frontier Foundation (EFF) and the Law Office of Michael T. Risher will argue against the government’s motion to dismiss a lawsuit challenging law enforcement retention...